Barracuda Web Site Firewall 360 – BWF360a The Barracuda Web Site Firewall is a complete and powerful security solution for Web applications and Web sites. The Barracuda Web Site Firewall provides award-winning protection against hackers leveraging protocol or application vulnerabilities to instigate data theft, denial of service or defacement of your Web site.

Protection against common attacks

Outbound data theft protection

Web site cloaking

Granular policies

Secure HTTP traffic

SSL Offloading

SSL Acceleration

Load Balancing

Powerful, Complete Solution
The Barracuda Web Site Firewall protects Web applications and Web services from malicious attacks, and can also increase the performance and scalability of these applications. The Barracuda Web Site Firewall offers every capability needed to deliver, secure and manage enterprise Web applications from a single appliance through an intuitive, real-time user interface.

Single point of protection for inbound and outbound traffic for all Web applications

Monitors traffic and provides reports about attackers and attack attempts

Comprehensive Web Site Protection
The Barracuda Web Site Firewall provides award-winning protection from all common attacks on Web applications, including SQL injections, cross-site scripting attacks, session tampering and buffer overflows.

Many applications are vulnerable to such attacks because application developers do not consistently employ secure coding practices. Barracuda Web Site Firewall is designed to combat all attack types that have been categorized as significant threats, including:

Cross Site Scripting (XSS)

SQL injection flaws

OS command injections

Site reconnaissance

Session hijacking

Application denial of service

Malicious probes/crawlers

Cookie/session tampering

Path traversal

Information leakage

A Single Solution to a Multifaceted Problem
Online Web-based applications are increasingly at risk from professional hackers who target such applications in order to commit data theft or fraud. Being compromised can damage an enterprise’s reputation, result in loss of customers and impact the organization’s bottom line.

In addition, companies that transact online are faced with a host of growing industry regulations such as the Payment Card Industry Data Security Standard (PCI DSS), which mandates that all enterprise and Web applications handling credit card and account information must undergo an extensive and costly audit of custom application code. The alternative to satisfy PCI DSS compliance is simply installing a Web application firewall.

The combination of these factors along with banking industry PCI DSS compliance concerns, creates demand for a more technologically and cost-effective risk protection solution for online Web applications.
Backed by the worldwide leader in email and Web security appliances, the Barracuda Web Site Firewall will continue to dominate the market by breaking technology barriers.

Barracuda Web Site Firewall Features

Traditionally, security has been considered a network issue, where system administrators lock down host computers through a network firewall. While a typical network firewall can help restrict traffic to HTTP and HTTPS, this traffic can contain command exploits leveraging vulnerabilities in the Web application itself that can result in data leakage, site defacement and other attacks by hackers that compromise both the privacy and integrity of vital data. Businesses of all sizes that operate their own Web applications should ensure that their Web sites are protected against application vulnerabilities.
The Barracuda Web Site Firewall provides complete protection of Web applications and is designed to enforce policies for both internal and external data security standards, such as Payment Card Industry Data Security Standard (PCI DSS). At the same time the Barracuda Web Site Firewall 460 and higher models feature a comprehensive set of application delivery capabilities designed to improve the performance, scalability and manageability of today’s most demanding data center infrastructures.

HTTP protocol compliance. At a basic level, the Barracuda Web Site Firewall verifies that all inbound requests comply with the HTTP specification. For example, inbound requests with more than one Content-Length header are typically the basis of HTTP request smuggling attacks; therefore they are illegal according to the HTTP specification and are blocked automatically.

Protection against attacks based on session state. The Barracuda Web Site Firewall protects your Web applications against any attacks based on session state, such as forms tampering or cookie tampering.

Outbound data theft protection. In addition to inspecting the request traffic, the Barracuda Web Site Firewall also inspects all outbound packets for any data pattern expressible as a UNIX-style regular expression. Built-in policies protect all major credit cards and U.S. Social Security number patterns and new data patterns can be added at any time. Inspection for outbound leakage of these patterns can be applied to security policy on-the-fly.

Web site cloaking. To prevent hackers from doing reconnaissance on your Web infrastructure, the Barracuda Web Site Firewall automatically strips identifying banners of Web server software and version numbers out of all transactions.

Anti-crawling.
While some Web crawlers, such as search engines are often desirable, you may wish to prevent all other users from downloading your entire site. The Barracuda Web Site Firewall can easily identify and allow legitimate crawlers while blocking more malicious ones.

Fine-grained control. The Barracuda Web Site Firewall features automatic fine-grain rules creation based on both HTTP requests and responses down to the level of individual HTML elements.

Application denial of service (DoS) protection. By validating input limits for online form fields, Web applications and sites are protected against the SQL injections, OS command injections or form field-based attacks. Fine-grain control on all points prevents hackers from instigating these common attacks.

Application Access Control
The Barracuda Web Site Firewall implements a single point for policy enforcement and control, which includes authentication to ensure that users are known, access control policy for resources and protection against data leakage. Capabilities include:

PKI support. By providing a full PKI infrastructure, the Barracuda Web Site Firewall can act as a Certificate Authority, including participating in a certificate trust chain.

Cookie tampering. The Barracuda Web Site Firewall fully terminates and proxies every connection to insulate each unique user session from exposure and can stamp or encrypt the session cookies. Also included to prevent cookie tampering is the ability to ensure that all hidden or read-only form fields are not changed by the user.

Application Delivery and Acceleration
In addition to the comprehensive security benefits of the Barracuda Web Site Firewall, there are also additional operational capabilities available in the Barracuda Web Site Firewall. Capabilities include:

SSL offloading. The Barracuda Web Site Firewall includes SSL offloading, streamlining the encryption and decryption of SSL traffic to quickly process secure online transactions without additional burden on any servers.

Load balancing. The Barracuda Web Site Firewall includes integrated load balancing capabilities to distribute traffic among multiple back-end servers. It supports both Layer 4 and Layer 7 cookie persistence and includes support for Layer 7 content switching based on URL pattern, parameter or HTTP header fields.

High Availability. When inline in Bridge-path, the Ethernet Hard Bypass ensures reliable application delivery even with a single Barracuda Web Site Firewall. For Web applications with stringent security requirements, the Barracuda Web Site Firewall may be installed in a redundant pair configuration, providing real-time application state replication so that security and user sessions will not be compromised during a failover event.

Logging, Monitoring and Reporting
The Barracuda Web Site Firewall features advanced capabilities to provide immediate feedback to the operations team that deploy, manage and secure mission critical applications. Capabilities include:

Comprehensive logging. The Barracuda Web Site Firewall maintains a rich set of logs on the appliance, including system activity, Web Firewall activity, Web services activity, network firewall activity and traditional Web logs.

PCI reports. The Barracuda Web Site Firewall provides an easy-to-read snapshot of common application attacks, critical for securing credit card important and providing compliance to PCI DSS requirements.

Syslog support. The Barracuda Web Site Firewall forwards logs to a syslog server for centralized and persistent storage or analysis by a third party tool.

In order to keep our inventory up to standard, and in alignment with global terminology, please use the list below as reference to the condition of your inventory items:

NIB – New In Box item in original packaging with tape uncut. Product may not contain manufacturer’s warranty.

NOB - New Open Box is an unused product where original manufacturers packaging seal is broken or cut. Product contains warranty.

NEW - Unused product with or without original manufacturers packaging, such as bulk, pulls, F/S, or NOB items. Product contains warranty.

LIKE NEW – Minimally used system pulls in excellent working condition and fully tested.

REF - Product that has been cleaned and refurbished by a manufacturer or vendor. Product may contain a mfg or vendor warranty.

USED - Product that has been tested to work, has no warranty, and has not been refurbished.

ASIS - Unknown condition, does not contain a warranty.

EXC - Product that is available for exchange or contain a returnable core.

REP - Product is available for depot repair.

Shield+Tech Warranty and Support - included on all IT Hardware purchased from us! We will custom build, integrate and test your system and guarantee it is in optimal working condition before it ships. - 90 Day Warranty & Tech support included; Up to 6 years extended warranty available

Government and United States Military Standard -
Econram Systems supplies some of the largest contractors and military organizations such as Boeing, Lockheed Martin, Raytheon, NASA, Northrop Grumman , SAIC, General Dynamics, US Army, US Navy, US Marine Corps, US Coast Guard and many more. Contact us for references!

GSA Pricing and Volume Discounts -
We gladly provide major discounts and GSA pricing to the Government, Military, Schools and Non-profit organizations as well as volume discounts. Send us your RFQ’s and RFP’s to receive a fast obligation free quote.

Copyright Econram Systems™ 2002-2018 And BeyondAll Brand Names And Logos Are Registered Trademarks Of Their Respective Owners, Econram Systems Is Independent Of, And Is No Way Affiliated With Those Entities.